A list of semi to fully remote-friendly companies (jobs) in tech.

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static a…

A curated list of CTF frameworks, libraries, resources and softwares

Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

Graphical User Interface for creating and running Scratch 3.0 projects.

ASOC, ASPM, DevSecOps, Vulnerability Management Using ArcherySec.

Chrome-extension implant that turns victim Chrome browsers into fully-functional HTTP proxies, allowing you to browse sites as your victims.

Standalone web client for Scratch

Virtual Machine used to represent, run, and maintain the state of programs for Scratch 3.0

🧙‍♂️ Node.js Command & Control for Script-Jacking Vulnerable Electron Applications

Polyglot generator for media files

📷 ReactJS Dropzone for File Uploads (using Dropzone.js)

KQL Queries. Microsoft Defender, Microsoft Sentinel

Marcrodata Refinement

Proof-of-concept to demonstrate dynamic QR swap phishing attacks in practice.

Damn Vulnerable Drone is an intentionally vulnerable drone hacking simulator based on the popular ArduPilot/MAVLink architecture, providing a realistic environment for hands-on drone hacking.

A zero dependencies, customizable, pure Javascript widget for navigating, managing, uploading, and downloading files and folders or other hierarchical object structures on any modern web browser.

A Firefox Web Extension to improve the discovery of DOM XSS.

Toolkit to turn Chromium vulnerabilities into full-chain exploits

CRADLE is a collaborative platform for Cyber Threat Intelligence analysts. It streamlines threat investigations with integrated note-taking, automated data linking, interactive visualizations, and …

An MCP for WireShark (tshark). Empower LLM's with realtime network traffic analysis capability

Safari 1day RCE Exploit

A web UI and server for task based competitions employing Etherpad Lite.

TP-Link Smarthome Device Simulator

Replace all homoglyphs with base characters. Useful to detect similar strings.

Craft engaging XSS challenges effortlessly with CTF-XSS-BOT. This template simplifies setting up an environment for Capture The Flag competitions. Simulate admin actions using Puppeteer and control…

list of applications or some things that "probably" steal or broke the data privacy.